RHEL7.2 SSH无密码登录非root用户
1 修改三台虚拟机的/ect/hosts文件
[hadoop@hadoop01 ~]$ cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
[hadoop@hadoop01 ~]$ su - root
密码:
上一次登录:六 11月 4 15:52:36 CST 2017pts/0 上
ABRT has detected 1 problem(s). For more info run: abrt-cli list --since 1509781956
[root@hadoop01 ~]# vi /etc/hosts
[root@hadoop01 ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 192.168.169.101 hadoop01
192.168.169.102 hadoop02
192.168.169.103 hadoop03
2 修改三台虚拟机的/etc/ssh/sshd_config
[root@hadoop01 ~]# vi /etc/ssh/sshd_config
[root@hadoop01 ~]# cat /etc/ssh/sshd_config | grep uth | grep -v "#"
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
将前面的#号去掉
3 修改三台虚拟机的/etc/selinux/config
[root@hadoop01 ~]# vi /etc/selinux/config
[root@hadoop01 ~]# cat /etc/selinux/config | grep SELINUX= | grep -v "#"
SELINUX=disabled
4 重启虚机三台虚拟机
[root@hadoop01 ~]# reboot
5 配置SSH无密码登录
三台虚拟机依次操作如下:
192.168.168.101
[hadoop@hadoop01 ~]$ ssh-keygen
Generating public/private dsa key pair.
Created directory '/hadoop/.ssh'.
Your identification has been saved in /hadoop/.ssh/id_dsa.
Your public key has been saved in /hadoop/.ssh/id_dsa.pub.
The key fingerprint is:
c1:4b:6d:30:2b:57:b9:f8:dc:33:b6:d9:05:f8:79:31 hadoop@hadoop01
The key's randomart image is:
+--[ DSA 1024]----+
| o .. |
| . *. |
| . *.o. . |
| +.+. . .E |
| So . . oo|
| o = o o|
| . * o |
| o . |
| |
+-----------------+
[hadoop@hadoop01 ~]$ chmod 700 .ssh
[hadoop@hadoop01 ~]$ cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
[hadoop@hadoop01 ~]$ chmod 600 ~/.ssh/authorized_keys
[hadoop@hadoop01 ~]$ ssh hadoop01
The authenticity of host 'hadoop01 (192.168.169.101)' can't be established.
ECDSA key fingerprint is 7a:41:d1:c6:30:98:21:51:40:b7:ac:13:a4:0d:05:5c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'hadoop01,192.168.169.101' (ECDSA) to the list of known hosts.
Last login: Sun Nov 5 10:24:11 2017 from 192.168.169.1
[hadoop@hadoop01 ~]$ exit
登出
Connection to hadoop01 closed.
[hadoop@hadoop01 ~]$ ssh hadoop01
Last login: Sun Nov 5 10:26:02 2017 from hadoop01
192.168.168.102
[hadoop@hadoop02 ~]$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/hadoop/.ssh/id_rsa):
Created directory '/hadoop/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /hadoop/.ssh/id_rsa.
Your public key has been saved in /hadoop/.ssh/id_rsa.pub.
The key fingerprint is:
ee:ba:9f:68:d8:ab:27:ea:f7:42:ff:0c:47:80:fe:63 hadoop@hadoop02
The key's randomart image is:
+--[ RSA 2048]----+
| |
| . |
| . . |
| . . |
| . S |
| .. o |
| . +E o |
| =.=B . |
| .oo.B*** |
+-----------------+
[hadoop@hadoop02 ~]$ chmod 700 .ssh
[hadoop@hadoop02 ~]$ scp -rp ~/.ssh/id_rsa.pub hadoop@hadoop01:/hadoop/.ssh/id_rsa.pub.102
The authenticity of host 'hadoop01 (192.168.169.101)' can't be established.
ECDSA key fingerprint is 7a:41:d1:c6:30:98:21:51:40:b7:ac:13:a4:0d:05:5c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'hadoop01,192.168.169.101' (ECDSA) to the list of known hosts.
hadoop@hadoop01's password:
id_rsa.pub
192.168.169.103
hadoop@hadoop03 ~]$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/hadoop/.ssh/id_rsa):
Created directory '/hadoop/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /hadoop/.ssh/id_rsa.
Your public key has been saved in /hadoop/.ssh/id_rsa.pub.
The key fingerprint is:
dc:c2:8d:14:b0:bf:64:a7:2f:41:44:34:1b:66:2b:b2 hadoop@hadoop03
The key's randomart image is:
+--[ RSA 2048]----+
| .+O |
| +.* |
| . o.+ |
| o *.+ |
| E .S + |
| o.= |
| o. |
| .. |
| .. |
+-----------------+
[hadoop@hadoop03 ~]$ chmod 700 .ssh
[hadoop@hadoop03 ~]$ scp -rp ~/.ssh/id_rsa.pub hadoop@hadoop01:/hadoop/.ssh/id_rsa.pub.103
The authenticity of host 'hadoop01 (192.168.169.101)' can't be established.
ECDSA key fingerprint is 7a:41:d1:c6:30:98:21:51:40:b7:ac:13:a4:0d:05:5c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'hadoop01,192.168.169.101' (ECDSA) to the list of known hosts.
hadoop@hadoop01's password:
id_rsa.pub
192.168.169.101
[hadoop@hadoop01 ~]$ cat ~/.ssh/id_rsa.pub.102 >> ~/.ssh/authorized_keys
[hadoop@hadoop01 ~]$ cat ~/.ssh/id_rsa.pub.103 >> ~/.ssh/authorized_keys
[hadoop@hadoop01 ~]$ scp -rp ~/.ssh/authorized_keys hadoop@hadoop02:/hadoop/.ssh/
The authenticity of host 'hadoop02 (192.168.169.102)' can't be established.
ECDSA key fingerprint is f7:ef:fb:e5:7e:0f:59:40:63:23:99:9a:ca:e2:03:e8.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'hadoop02,192.168.169.102' (ECDSA) to the list of known hosts.
hadoop@hadoop02's password:
authorized_keys 100% 397 0.4KB/s 00:00
[hadoop@hadoop01 ~]$ scp -rp ~/.ssh/authorized_keys hadoop@hadoop03:/hadoop/.ssh/
The authenticity of host 'hadoop03 (192.168.169.103)' can't be established.
ECDSA key fingerprint is 25:a7:16:1f:49:91:0f:ba:f8:ba:68:bb:1e:e0:1c:44.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'hadoop03,192.168.169.103' (ECDSA) to the list of known hosts.
hadoop@hadoop03's password:
authorized_keys 100% 397 0.4KB/s 00:00
6 验证
192.168.169.101
[hadoop@hadoop01 ~]$ ssh hadoop02
Last login: Sun Nov 5 13:42:56 2017 from 192.168.169.1
[hadoop@hadoop02 ~]$ exit
登出
Connection to hadoop02 closed.
[hadoop@hadoop01 ~]$ ssh hadoop03
Last login: Sun Nov 5 13:42:58 2017 from 192.168.169.1
[hadoop@hadoop03 ~]$
192.168.169.102
[hadoop@hadoop02 ~]$ ssh hadoop01
Last login: Sun Nov 5 13:44:08 2017 from 192.168.169.1
[hadoop@hadoop01 ~]$ exit
登出
Connection to hadoop01 closed.
[hadoop@hadoop02 ~]$ ssh hadoop03
The authenticity of host 'hadoop03 (192.168.169.103)' can't be established.
ECDSA key fingerprint is 25:a7:16:1f:49:91:0f:ba:f8:ba:68:bb:1e:e0:1c:44.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'hadoop03,192.168.169.103' (ECDSA) to the list of known hosts.
Last login: Sun Nov 5 13:51:57 2017 from hadoop01
[hadoop@hadoop03 ~]$
192.168.169.103
[hadoop@hadoop03 ~]$ ssh hadoop01
Last login: Sun Nov 5 13:52:30 2017 from hadoop02
[hadoop@hadoop01 ~]$ exit
登出
Connection to hadoop01 closed.
[hadoop@hadoop03 ~]$ ssh hadoop02
The authenticity of host 'hadoop02 (192.168.169.102)' can't be established.
ECDSA key fingerprint is f7:ef:fb:e5:7e:0f:59:40:63:23:99:9a:ca:e2:03:e8.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'hadoop02,192.168.169.102' (ECDSA) to the list of known hosts.
Last login: Sun Nov 5 13:51:50 2017 from hadoop01
[hadoop@hadoop02 ~]$
RHEL7.2 SSH无密码登录非root用户的更多相关文章
- ssh 无密码登录 非相同用户
场景,机器A 用户a,想登录机器B ,机器B上没有用户a,有用户b. 已知机器B的用户密码,可以这么做. 实验:两台机器都是linux centos的系统. 在机器A上生成a用户的密钥. ssh-ke ...
- linux下开启SSH,并且允许root用户远程登录,允许无密码登录
参考:http://blog.csdn.net/jia0511/article/details/8237698 1. 允许root用户远程登录 修改ssh服务配置文件 sudo vi /etc/ssh ...
- 【异常】ssh无法登录验证,非root用户ssh本机无法成功
1 自己搭建的是伪分布式环境,需要以非root用户启动Hadoop集群,之前root已经配置了ssh免密登录,但是自己切换到hdfs用户重新生成了一套ssh key, 但是切换到hdfs始终无法成功登 ...
- 非root用户的SSH免密登录
在网上找到的教程一般是这样说的 cd ~/.ssh/ # 若没有该目录,请先执行一次ssh localhost ssh-keygen -t rsa # 会有提示,都按回车就可以 cat id_rsa. ...
- 普通用户ssh无密码登录设置
这段时间在做Hadoop的环境配置,用root用户只需要按照一定的步骤进行操作就可以直接实现无密码登录,但如果使用新建用户,怎么尝试都不行. 本帖大部分都是其他人帖子的内容.如果按照下面的步骤还是不能 ...
- 如何以非 root 用户将应用绑定到 80 端口-ssh 篇 » 社区 » Ruby China
如何以非 root 用户将应用绑定到 80 端口-ssh 篇 » 社区 » Ruby China 如何以非 root 用户将应用绑定到 80 端口-ssh 篇
- 非root用户ssh 执行 sudo远程机器免密钥
非root用户ssh 执行 sudo远程机器免密钥 # 1.登陆192.168.1.10 ssh-keygen -t rsa # 一路回车 # 将公钥添加到认证文件中 cat ~/.ssh/id_rs ...
- Ubuntu-18.04 下修改root用户密码,安装SSH服务,允许root用户远程登录,安装vsftp服务器
修改root用户密码 打开终端,输入 sudo passwd root 指令: 安装SSH服务 ssh默认端口号是22,可以在/etc/ssh/sshd_config文件中修改 查看服务器否开启:ne ...
- MHA非root用户搭建测试
最近一直在瞎搬砖,最大的感触是运维工作难做.不过废话不多说,最近被分配了一项比较有意思的task,尝试着非root用户搭建MHA并测试下能否成功漂移,以下是两天测试和文档编写的成果,分享给各位看客,欢 ...
随机推荐
- Linux::mysql-connector-c++
.安装好boost. .从官网下载mysql connector c++版本. .解压,复制 include/jdbc/cppconn 文件夹复制,到/usr/local/include/cppcon ...
- CSAPP:逆向工程【缓冲区溢出攻击】
逆向工程[缓冲区溢出攻击] 任务描述 掌握函数调用时的栈帧结构,利用输入缓冲区的溢出漏洞,将攻击代码嵌入当前程序的栈帧中,使程序执行我们所期望的过程. 主要方法 溢出的字符将覆盖栈帧上的数据,会覆盖程 ...
- python爬取旅游数据+matplotlib简单可视化
题目如下: 共由6个函数组成: 第一个函数爬取数据并转为DataFrame: 第二个函数爬取数据后存入Excel中,对于解题来说是多余的,仅当练手以及方便核对数据: 后面四个函数分别对应题目中的四个m ...
- 近万字案例:Rancher + VMware PKS实现全球数百站点K8S集群管理
Sovereign Systems是一家成立于2007年的技术咨询公司,帮助客户将传统数据中心技术和应用程序转换为更高效的.基于云的技术平台,以更好地应对业务挑战.曾连续3年提名CRN,并且在2012 ...
- thinkcmf5 支付宝接口操作
这是我自己摸索再结合网上搜索的一大堆内容搞出来的,官方的文件对于新手来说很难理解,什么文件放什么位置,该怎么引用,都要一一尝试,我这就直接列出来了,照样放就是了.同样适用于tp5,我这个也是tp5的 ...
- WebShell代码分析溯源(一)
WebShell代码分析溯源(一) 一.一句话变形马样本 <?php $_GET['POST']($_POST['GET']);?> 二.代码分析 1.调整代码格式 <?php $_ ...
- 记一次 XxlRpcException:xxl-rpc request timeout at 超时问题
事件起因 昨天有同事找我到,说他搭建的 XXL-JOB 任务调度系统不能工作了,调用总是出错(服务端返回 500)希望我能帮忙处理一下,不过说实话我也没有搭建过 XXL-JOB 的经验,但是既然同事请 ...
- CMMS系统中工单派案&调度
系统为客户经理提供一个有效的调度控制台,由客户经理负责将需要外派现场处理的工单进行统一的分配调度,系统显示每个技术人员的时间表,根据专业技能.可用性.距离或其他资格标准筛选技术服务人员,并向调度人员提 ...
- 面试题-javascript-面向对象编程
笔者在某次笔试中遇到这个题:印象很深. function ClassA() { var value=4; this.getValue= function() { return value; } thi ...
- 如何上传项目至GitHub
1.下载 https://gitforwindows.org/ 2.打开Git Bash 把git绑定到GitHub 3.打开GitHub登陆后 点击settings 点击SSH and GPG ke ...